Quantum key distribution method, device, and system

ABSTRACT

Provided are a quantum key distribution method, device, and system. The quantum key distribution system may include: a (1-1)th quantum key distribution device (QKD 1 - 1 ); a (2-1)th quantum key distribution device (QKD 2 - 1 ) connected to the QKD 1 - 1  by a first quantum channel (CH 1 ); a (3-1)th quantum key distribution device (QKD 3 - 1 ) connected to a (1-2)th quantum key distribution device (QKD 1 - 2 ) by a second quantum channel (CH 2 ); a first quantum node control device (QNC 1 ) for controlling the operation of the QKD 1 - 1  and the QKD 1 - 2 ; a second quantum node control device (QNC 2 ) for controlling the operation of the QKD 2 - 1 ; and a third quantum node control device (QNC 3 ) for controlling the operation of the QKD 3 - 1 , wherein: in the QNC 1 , the first quantum key passes through a plurality of paths including a first path (P 1 ) for connecting the QNC 1  and the QNC 3 , so as to bypass the CH 1 , thereby being transmitted to the QNC 2 ; and in the P 1 , the key is encoded with a third quantum key shared between the QKD 1 - 2  and the QKD 3 - 1 , and is transmitted.

TECHNICAL FIELD

The present disclosure relates to a quantum key distribution method, aquantum key distribution device, and a quantum key distribution systemand, more particularly, to a quantum key distribution method, a quantumkey distribution device, and a quantum key distribution system forproperly providing a quantum cryptographic key even when failure occursin a first quantum channel CH1 connecting a first quantum keydistribution device QKD1 and a second quantum key distribution deviceQKD2 of a quantum key distribution system.

BACKGROUND ART

Recently, many studies and research have been actively conducted fordetecting and treating various diseases including cancer in an earlystage. Due to the explosive popularity of wired and wirelesscommunication services, social awareness of personal privacy hasincreased in recent years, and the security of a communication networkhas been emerging as an important issue. Particularly, since thesecurity of communication networks related to countries, companies,banking, and the like are important not only in a personal aspect butalso in a social aspect, the importance of the security has beensignificantly emphasized.

However, typical communication security technology does not fullyprotect communication contents from external attacks. In order to fullyprotect the communication contents, quantum cryptography communicationtechnology is introduced. The quantum cryptography communicationtechnology theoretically guarantees very high security and has beenspotlighted as a next-generation security technology.

Accordingly, there are many studies actively conducted on quantum keydistribution (QKD) for distributing a quantum cryptographic key to aservice device, such as a device and a terminal included in a quantumcryptography communication system.

In particular, in a quantum cryptography communication system, anapplication requests and obtains a quantum cryptographic key accordingto a required standard (e.g., the length of a quantum cryptographic key,the update period of a quantum cryptographic key, or the like) from aquantum key distribution (QKD) device. The QKD device generates aquantum cryptographic key and encrypts data using the obtained quantumcryptographic key to perform communication.

Thus, to properly provide a quantum cryptography communication service,it is necessary to provide the quantum cryptographic key according tothe required standard requested by the application without interruption.For example, if a service needs to be provided with a 256-bit quantumcryptographic key every 10 seconds and if the service fails to beprovided with the quantum cryptographic key at a proper time, theservice may use the existing quantum cryptographic key continuously. Inthis case, the security may not be secured at a desired level.

In particular, a security-sensitive service may require a new quantumcryptographic key on a rapid cycle. Here, if the application fails to beprovided with a quantum cryptographic key on a desired cycle, securityquality may deteriorate, and the quality of the service may be notsecured.

Accordingly, a quantum key distribution (QKD) device requires a methodfor properly providing a quantum cryptographic key without interruptioneven when a quantum cryptographic key cannot be properly generated dueto a noise in a quantum channel, hacking of the quantum channel, or thelike. However, an appropriate solution has not yet been proposed.

DISCLOSURE OF INVENTION Technical Problem

The present disclosure has been made in view of the above-mentionedproblems, and an aspect of the present disclosure is to provide aquantum key distribution method, a quantum key distribution device, anda quantum key distribution system for properly providing a quantumcryptographic key without interruption even when a failure occurs in afirst quantum channel CH1 connecting a first quantum key distributiondevice QKD1 and a second quantum key distribution device QKD2 of aquantum key distribution system.

In accordance with an aspect of the present disclosure, a quantum keydistribution method, a quantum key distribution device, and a quantumkey distribution system may be provided for properly distributing aquantum cryptographic key via a plurality of paths even in along-distance section where a quantum key distribution system cannotdistribute a quantum cryptographic key via a single path.

Embodiments of the present disclosure will be clearly identified andunderstood by an expert or a researcher in this technical field throughthe detailed description below.

Solution to Problem

In accordance with an embodiment, a quantum key distribution system mayinclude: a 1-1 quantum key distribution device QKD1-1; a 2-1 quantum keydistribution device QKD2-1 configured to be connected with the 1-1quantum key distribution device QKD1-1 through a first quantum channelCH1; a 3-1 quantum key distribution device QKD3-1 configured to beconnected with a 1-2 quantum key distribution device QKD1-2 through asecond quantum channel CH2; a first quantum node controller QNC1configured to control an operation of the 1-1 quantum key distributiondevice QKD1-1 and an operation of the 1-2 quantum key distributiondevice QKD1-2; a second quantum node controller QNC2 configured tocontrol an operation of the 2-1 quantum key distribution device QKD2-1;and a third quantum node controller QNC3 configured to control anoperation of the 3-1 quantum key distribution device QKD3-1, wherein thefirst quantum node controller QNC1 transmits a first quantumcryptographic key to the second quantum node controller QNC2 via aplurality of paths including a first path P1 connecting the firstquantum node controller QNC1 and the third quantum node controller QNC3by bypassing the first quantum channel CH1, and the first quantumcryptographic key is encrypted with a third quantum cryptographic key,which is shared between the 1-2 quantum key distribution device QKD1-2and the 3-1 quantum key distribution device QKD3-1, and is transmittedin the first path P1.

When it is detected that a failure occurs in the first quantum channelCH1, the quantum cryptographic key may be distributed via the pluralityof paths including the first path P1 by bypassing the first quantumchannel CH1.

The quantum cryptographic key may be distributed via the plurality ofpaths in a long-distance section where it is impossible to distributethe quantum cryptographic key via a single path.

The quantum cryptographic key to be distributed may be distributed to aplurality of nodes via the plurality of paths.

The first quantum node controller QNC1 may receive a second quantumcryptographic key generated by the 2-1 quantum key distribution deviceQKD2-1 from the 1-1 quantum key distribution device QKD1-1 and the thirdquantum cryptographic key generated by the 3-1 quantum key distributiondevice QKD3-1 from the 1-2 quantum key distribution device QKD1-2.

The first quantum node controller QNC1 may calculate a quantumcryptographic key generation rate using the quantum cryptographic keytransmitted from the 1-1 quantum key distribution device QKD1-1.

The quantum key distribution system may further include a 3-2 quantumkey distribution device QKD3-2 configured to be connected with a 2-2quantum key distribution device QKD2-2, an operation of which iscontrolled by the second quantum node controller QNC2, via a thirdquantum channel CH3, wherein the third quantum node controller QNC3 maycontrol an operation of the 3-2 quantum key distribution device QKD3-2,and the second quantum node controller QNC2 may receive the firstquantum cryptographic key, which is transmitted from the first quantumnode controller QNC1, through a second path P2 connecting the thirdquantum node controller QNC3 and the second quantum node controller QNC2and may then decode the first quantum cryptographic key with a fourthquantum cryptographic key shared between the 3-2 quantum keydistribution device QKD3-2 and the 2-2 quantum key distribution deviceQKD2-2.

The quantum key distribution system may further include a quantumnetwork management server QMS configured to detect occurrence of afailure in the first quantum channel CH1 and to perform control toconfigure the plurality of paths including the first path P1 so that thefirst quantum node controller QNC1 transmits the first quantumcryptographic key to the second quantum node controller QNC2 bybypassing the first quantum channel CH1.

The quantum network management server QMS may detect whether the failureoccurs in the first quantum channel CH1 in view of a quantumcryptographic key generation rate of a quantum cryptographic keyreceived from the first quantum node controller QNC1.

In accordance with another embodiment, a quantum key distribution methodmay include: a quantum cryptographic key bypassing distributiondetermination operation in which a first quantum node controller QNC1determines to distribute a quantum cryptographic key by bypassing afirst quantum channel CH1 connecting a 1-1 quantum key distributiondevice QKD1-1 and a 2-1 quantum key distribution device QKD2-1; aquantum cryptographic key encryption operation of encrypting a firstquantum cryptographic key with a third quantum cryptographic key sharedbetween a 1-2 quantum key distribution device QKD1-2 and a 3-1 quantumkey distribution device QKD3-1; and a quantum cryptographic keybypassing transmission operation of transmitting the encrypted firstquantum cryptographic key to a second quantum node controller QNC2through the plurality of paths including a first path P1 connecting thefirst quantum node controller QNC1 and a third quantum node controllerQNC3 by bypassing the first quantum channel CH1.

In accordance with still another embodiment, a quantum key distributionsystem may include: a 1-1 quantum key distribution device QKD1-1; a 2-1quantum key distribution device QKD2-1 configured to be connected withthe 1-1 quantum key distribution device QKD1-1 via a first quantumchannel CH1; a first quantum node controller QNC1 configured to receivea first quantum cryptographic key generated by the 1-1 quantum keydistribution device QKD1-1; a second quantum node controller QNC2 toreceive a second quantum cryptographic key generated by the 2-1 quantumkey distribution device QKD2-1; and a quantum network management serverQMS configured to detect occurrence of a failure in the first quantumchannel CH1 and to control the first quantum node controller QNC1 andthe second quantum node controller QNC2 corresponding to the firstquantum channel CH1 to generate a reuse quantum cryptographic key usingthe first quantum cryptographic key and the second quantum cryptographickey according to a quantum cryptographic key reuse policy.

The first quantum node controller QNC1 and the second quantum nodecontroller QNC2 generate and share the reuse quantum cryptographic keyby combining parts of the first quantum cryptographic key and the secondquantum cryptographic key according to the quantum cryptographic keyreuse policy.

The first quantum node controller QNC1 and the second quantum nodecontroller QNC2 generate and share the reuse quantum cryptographic keyby combining a used quantum cryptographic key and an unused quantumcryptographic key stream according to the quantum cryptographic keyreuse policy.

Advantageous Effects of Invention

Accordingly, even when a failure occurs in a first quantum channel CH1connecting a first quantum key distribution device QKD1 and a secondquantum key distribution device QKD2, a quantum key distribution method,a quantum key distribution device, and a quantum key distribution systemaccording to the embodiment of the present disclosure may properlyprovide a quantum cryptographic key without interruption by sharing thequantum cryptographic key via a plurality of paths bypassing the firstquantum channel CH1 or generating a reuse quantum cryptographic key froma previously generated quantum cryptographic key.

BRIEF DESCRIPTION OF DRAWINGS

The accompanying drawings, which are included as a part of the detaileddescription to help the understanding of the present disclosure, provideembodiments of the present disclosure and describe the technical spiritof the present disclosure in conjunction with the detailed description,in which:

FIG. 1 illustrates a quantum key distribution system according to arelated art;

FIG. 2 illustrates a quantum key distribution system according to anembodiment of the present disclosure;

FIG. 3 is a block diagram illustrating a quantum key distribution systemaccording to an embodiment of the present disclosure;

FIG. 4 is a flowchart illustrating a quantum key distribution methodaccording to an embodiment of the present disclosure;

FIG. 5 illustrates an operation of a quantum key distribution systemaccording to an embodiment of the present disclosure;

FIG. 6 is a flowchart illustrating operation of a quantum keydistribution system according to an embodiment of the presentdisclosure;

FIG. 7 is a flowchart illustrating operation of a quantum keydistribution system according to another embodiment of the presentdisclosure;

FIG. 8 illustrates a quantum node controller QNC according to anembodiment of the present disclosure; and

FIG. 9 is a flowchart illustrating operation of a quantum nodecontroller QNC according to the configuration of a reuse policyaccording to an embodiment of the present disclosure.

BEST MODE FOR CARRYING OUT THE INVENTION

The present disclosure may be variously modified and may include variousembodiments. Hereinafter, specific embodiments will be described indetail with reference to the accompanying drawings.

The following embodiments are provided for a comprehensive understandingof methods, devices, and/or systems described herein. However, theseembodiments are provided merely for illustration, and the presentdisclosure is not limited thereto.

When detailed descriptions about a known technology related to thepresent disclosure are determined to make the gist of the presentdisclosure unclear in describing embodiments of the present disclosure,the detailed descriptions will be omitted herein. Furthermore, termsused below are defined in view of functions in the present disclosureand may thus be changed depending on a user, the intent of an operator,or the custom. Accordingly, the terms should be defined on the basis ofthe following overall description of this specification. The terminologyused in the detailed description is for describing embodiments of thepresent disclosure only and is not intended to limit the presentdisclosure. Unless clearly used otherwise, singular forms are intendedto include plural forms. It will be understood that the expression“include” or “comprise,” when used in this description, specify thepresence of stated features, integers, steps, operations, elements, orsome or combinations thereof, but do not preclude the presence oraddition of one or more other features, integers, steps, operations,elements, or some or combinations thereof.

Although the terms “first”, “second”, and the like may be used todescribe various components, these components should not be limited bythese terms. These terms are used only to distinguish one component fromanother component.

Hereinafter, a quantum key distribution system will be briefly describedfirst, and then a quantum key distribution method, a quantum keydistribution device, and a quantum key distribution system according toan embodiment of the present disclosure will be described in detail.

FIG. 1 illustrates a quantum cryptographic key request and responseprocess performed between a quantum key distribution QKD device and anapplication according to the European Telecommunications StandardsInstitute.

As illustrated in FIG. 1, a first application App A of a first site Site1 requests a quantum cryptographic key from a 1-1 quantum keydistribution device QKD A-1 when needing the quantum cryptographic key.Accordingly, the 1-1 quantum key distribution device QKD A-1 provides aquantum cryptographic key Key_AB having a specific identification codeKey ID=1 to the first application App A.

The first application App A transmits the identification code Key ID=1to a second application App B of a second site Site 2 to communicatewith, and the second application App B is provided with the same quantumcryptographic key Key_AB from a 2-1 quantum key distribution device QKDB-1 using the identification code Key ID=1.

However, when generation of a quantum cryptographic key is reduced in aquantum channel between the 1-1 quantum key distribution device QKD A-1and the 2-1 quantum key distribution device QKD B-1 due to a noise,hacking, or the like, generation of a quantum cryptographic key betweenthe 1-1 quantum key distribution device QKD A-1 and the 2-1 quantum keydistribution device QKD B-1 is reduced, and thus the first applicationApp A and the second application App B provided with the quantumcryptographic key from the 1-1 quantum key distribution device QKD A-1and the 2-1 quantum key distribution device QKD B-1 may not besufficiently provided with the quantum cryptographic key necessary for aservice.

In order to overcome such shortcoming, the quantum cryptographic key canbe shared between the first application App A and the second applicationApp B using a 3-1 quantum key distribution device QKD C-1 of a thirdsite Site 3 connected to the 1-2 quantum key distribution device QKD A-2of the first site Site 1, a 3-2 quantum key distribution device QKD C-2of the third site Site 3 connected to a 2-2 quantum key distributiondevice QKD B-2 of the second site Site 2, or the like by bypassing thequantum channel where a failure occurs. However, as illustrated in FIG.1, in a related art, a quantum cryptographic key Key_AC shared betweenthe 1-2 quantum key distribution device QKD A-2 and the 3-1 quantum keydistribution device QKD C-1 is different from a quantum cryptographickey Key_CB shared between the 2-2 quantum key distribution device QKDB-2 and the 3-2 quantum key distribution device QKD C-2. Accordingly, itis difficult to share the quantum cryptographic key between the firstapplication App A and the second application App B, and the firstapplication App A and the second application App B cannot properlyperform quantum cryptography communication.

In the quantum key distribution method, the quantum key distributiondevice, and the quantum key distribution system according to theembodiment of the present disclosure, even when a failure occurs in thequantum channel connecting the 1-1 quantum key distribution device QKDA-1 of the first site Site 1 and the 2-1 quantum key distribution deviceQKD B-1 of the second site Site 2, it is possible to properly share aquantum cryptographic key between the first application App A and thesecond application App B safely and without interruption i) by using amultilink that bypasses the quantum channel ii) by regenerating aquantum cryptographic key using a defined reuse policy.

Hereinafter, the quantum key distribution method, the quantum keydistribution device, and the quantum key distribution system accordingto the embodiment of the present disclosure will be described withreference to the accompanying drawings.

FIG. 2 illustrates a quantum key distribution system 10 according to anembodiment of the present disclosure. As illustrated in FIG. 2, thequantum key distribution system 10 according to the embodiment of thepresent disclosure may include a transmitter 11, a receiver 12, and aquantum channel 13. The transmitter 11 and the receiver 12 generate andshare a quantum cryptographic key by exchanging optical signals throughthe quantum channel 13.

Here, the transmitter 11 and the receiver 12 may be servers, clients orterminal devices connected to a server, communication devices, such asgateways or routers, or portable devices having mobility or may beconfigured using various devices capable of communication by generatingand sharing a quantum key.

The quantum channel 13 is provided between the transmitter 11 and thereceiver 12 to transmit an optical signal. The quantum channel 13 may beconfigured using an optical fiber. However, the present disclosure isnot limited thereto. For example, any medium capable of transmitting anoptical signal may be used to configure the quantum channel 13.

Accordingly, the transmitter 11 and the receiver 12 may exchangeinformation necessary to generate the quantum cryptographic key usingthe phase, polarization, and the like of the optical signal according tovarious protocols, such as the BB84 protocol. The transmitter 11 and thereceiver 12 may generate and share the quantum cryptographic key inorder to effectively prevent an attacker 14 from stealing the quantumcryptographic key and attempting to hack the quantum cryptographic key.

Furthermore, a quantum cryptography communication system may performcommunication while performing encryption and decryption using thequantum cryptographic key generated in the quantum key distributionsystem 10. Therefore, the security of the communication system isenhanced according to the embodiment of the present disclosure.

FIG. 3 is a block diagram illustrating a quantum key distribution system100 according to an embodiment of the present disclosure. As illustratedin FIG. 3, the quantum key distribution system 100 according to theembodiment of the present disclosure may include a 1-1 quantum keydistribution device QKD1-1, a 2-1 quantum key distribution device QKD2-1121 connected with the 1-1 quantum key distribution device QKD1-1 111through a first quantum channel CH1, a 3-1 quantum key distributiondevice QKD3-1 131 connected with a 1-2 quantum key distribution deviceQKD1-2 112 through a second quantum channel CH2, a first quantum nodecontroller QNC1 115 to control the operation of the 1-1 quantum keydistribution device QKD1-1 111 and the 1-2 quantum key distributiondevice QKD1-2 112, a second quantum node controller QNC2 125 to controlthe operation of the 2-1 quantum key distribution device QKD2-1 121, anda third quantum node controller QNC3 135 to control the operation of the3-1 quantum key distribution device QKD3-1 131.

In the quantum key distribution system 100 according to the embodimentof the present disclosure, the first quantum node controller QNC1 115transmits a first quantum cryptographic key to the second quantum nodecontroller QNC2 125 via a plurality of paths including a first path P1connecting the first quantum node controller QNC1 115 and the thirdquantum node controller QNC3 135 by bypassing the first quantum channelCH1. Here, in the first path P1, the first quantum cryptographic key isencrypted with a third quantum cryptographic key shared between the 1-2quantum key distribution device QKD1-2 112 and the 3-1 quantum keydistribution device QKD3-1 131 and is transmitted.

Here, when a failure occurs in the first quantum channel CH1, thequantum key distribution system 100 according to the embodiment of thepresent disclosure may distribute the quantum cryptographic key via theplurality of paths including the first path P1 by bypassing the firstquantum channel CH1, in order to effectively distribute the quantumcryptographic key via the plurality of paths by bypassing the firstquantum channel CH1 even when the failure occurs in the first quantumchannel CH1.

In addition, even when a transmitter 11 and a receiver 12 to which aquantum cryptographic key is distributed are positioned at a longdistance where the quantum cryptographic key cannot not be distributedvia a single path, the quantum key distribution system 100 according tothe embodiment of the present disclosure may properly distribute thequantum cryptographic key via a plurality of paths.

Furthermore, even when it is intended to distribute a quantumcryptographic key to a plurality of nodes as in multicasting, thequantum key distribution system 100 according to the embodiment of thepresent disclosure may easily distribute the quantum cryptographic keyto be distributed to the plurality of nodes via a plurality of paths.

In FIG. 3, the first quantum node controller QNC1 115, the 1-1 quantumkey distribution device QKD1-1 111, and the 1-2 quantum key distributiondevice QKD1-2 112 are disposed in the same first site Site 1. However,the present disclosure is not limited thereto. Further, the 1-1 quantumkey distribution device QKD1-1 111 and the 1-2 quantum key distributiondevice QKD1-2 112 may be configured as a single device in FIG. 3.However, the present disclosure is not limited thereto. For example, the1-1 quantum key distribution device QKD1-1 111 and the 1-2 quantum keydistribution device QKD1-2 112 may be configured as separate devices inaccordance with another embodiment.

As illustrated in FIG. 3, the quantum key distribution system 100according to the embodiment of the present disclosure may furtherinclude a 3-2 quantum key distribution device QKD3-2 132 connected witha 2-2 quantum key distribution device QKD2-2 122, the operation of whichis controlled by the second quantum node controller QNC2, via a thirdquantum channel CH3.

The third quantum node controller QNC3 controls the operation of the 3-2quantum key distribution device QKD3-2. When a failure occurs in thefirst quantum channel CH1, the second quantum node controller QNC2 125receives the first quantum cryptographic key, transmitted from the firstquantum node controller QNC1 115, through a second path P2 connectingthe third quantum node controller QNC3 135 and the second quantum nodecontroller QNC2 125 and then decodes the first quantum cryptographic keywith a fourth quantum cryptographic key shared between the 3-2 quantumkey distribution device QKD3-2 132 and the 2-2 quantum key distributiondevice QKD2-2 122.

FIG. 3 shows the second quantum node controller QNC2 125, the 2-1quantum key distribution device QKD2-1 121, and the 2-2 quantum keydistribution device QKD2-2 122 may be disposed in the same second siteSite 2. However, the present disclosure is not limited thereto. Further,the 2-1 quantum key distribution device QKD2-1 121 and the 2-2 quantumkey distribution device QKD2-2 122 may be configured as a single deviceas shown in FIG. 3. However, the present disclosure is not limitedthereto. For example, the 2-1 quantum key distribution device QKD2-1 121and the 2-2 quantum key distribution device QKD2-2 122 may be configuredas separate devices.

Similarly, FIG. 3 shows that the third quantum node controller QNC3 135,the 3-1 quantum key distribution device QKD3-1 131, and the 3-2 quantumkey distribution device QKD3-2 132 may be disposed in the same secondsite Site 3. However, the present disclosure is not limited thereto.Further, FIG. 3 shows the 3-1 quantum key distribution device QKD3-1 131and the 3-2 quantum key distribution device QKD3-2 132 may be configuredas a single device. However, the present disclosure is not limitedthereto. For example, the 3-1 quantum key distribution device QKD3-1 131and the 3-2 quantum key distribution device QKD3-2 132 may be configuredas separate devices in accordance with another embodiment.

As illustrated in FIG. 3, the quantum key distribution system 100according to the embodiment of the present disclosure may furtherinclude a quantum network management server QMS 160 that detects theoccurrence of a failure in the first quantum channel CH1 and performscontrol to configure a plurality of paths including the first path P1 sothat the first quantum node controller QNC1 115 transmits the firstquantum cryptographic key to the second quantum node controller QNC2 125by bypassing the first quantum channel CH1.

The quantum network management server QMS 160 may detect whether afailure occurs in the first quantum channel CH1 in view of the quantumcryptographic key generation rate of the quantum cryptographic keyreceived from the first quantum node controller QNC1 115 and mayconfigure the plurality of paths including the first path P1 to transmitthe first quantum key from the first quantum node controller QNC1 115 tothe second quantum node controller QNC2 125 by bypassing the firstquantum channel CH1.

Although FIG. 3 shows that the first quantum node controller QNC1 115 isconnected to the third quantum node controller QNC3 135 via the firstpath P1 and is then connected to the second quantum node controller QNC2125 via the second path P2, the present disclosure is not limitedthereto. Alternatively, the first quantum key may be transmitted fromthe first quantum node controller QNC1 115 to the second quantum nodecontroller QNC2 125 through a multilink passing through a plurality ofpaths connecting to an additional quantum node controller QNC.

FIG. 4 is a flowchart illustrating a quantum key distribution methodaccording to an embodiment of the present disclosure. As illustrated inFIG. 4, the quantum key distribution method according to the embodimentof the present disclosure may include i) a quantum cryptographic keybypassing distribution determination operation (S110) in which the firstquantum node controller QNC1 115 determines to distribute a quantumcryptographic key by bypassing the first quantum channel CH1 connectingthe 1-1 quantum key distribution device QKD1-1 111 and the 2-1 quantumkey distribution device QKD2-1 121, ii) a quantum cryptographic keyencryption operation (S120) of encrypting the first quantumcryptographic key with the third quantum cryptographic key sharedbetween the 1-2 quantum key distribution device QKD1-2 112 and the 3-1quantum key distribution device QKD3-1 131, and iii) a quantumcryptographic key bypassing transmission operation (S130) oftransmitting the encrypted first quantum cryptographic key to the secondquantum node controller QNC2 125 through the plurality of pathsincluding the first path P1 connecting the first quantum node controllerQNC1 115 and the third quantum node controller QNC3 135 by bypassing thefirst quantum channel CH1.

Accordingly, even when a failure occurs in the first quantum channel CH1connecting the 1-1 quantum key distribution device QKD1-1 111 and the2-1 quantum key distribution device QKD2-1 121 or a transmitter and areceiver are positioned at a long distance where a quantum cryptographickey cannot not be distributed via a single path, the quantum keydistribution system 100 and the quantum key distribution methodaccording to the embodiment of the present disclosure may share aquantum cryptographic key through a plurality of paths bypassing thefirst quantum channel CH1. Therefore, the quantum cryptographic key maybe properly provided without interruption in accordance with theembodiments.

FIG. 5 illustrates operation of a quantum key distribution system 100according to an embodiment of the present disclosure.

Hereinafter, regarding the quantum key distribution method, the quantumkey distribution device, and the quantum key distribution systemaccording to the embodiment of the present disclosure, the operation ofeach individual component is described in detail with reference to FIG.3 to FIG. 5.

First, as illustrated in FIG. 5, in the quantum key distribution system100 according to the embodiment of the present disclosure, each quantumkey distribution device QKD generates and shares a quantum cryptographickey by exchanging optical signals through each quantum channel andtransmits the generated quantum cryptographic key to a correspondingquantum node controller QNC ((0) of FIG. 5).

The quantum node controller QNC may function to receive, store, andmanage the quantum cryptographic key generated by the quantum keydistribution device QKD and to control and manage the state of thequantum key distribution device QKD.

The quantum node controller QNC may be configured as an independentdevice separate from the quantum key distribution device QKD or may beintegrated with the quantum key distribution device QKD as a singledevice. Further, the quantum node controller QNC may be configured invarious forms, such as a processor driven in a server or a communicationdevice, in addition to a physical device.

Specifically, as illustrated in FIG. 5, the 1-1 quantum key distributiondevice QKD1-1 111 generates a quantum cryptographic key by exchangingoptical signals with the 2-1 quantum key distribution device QKD2-1 121through the first quantum channel CH1 and transmits the generatedquantum cryptographic key to the first quantum node controller QNC1 115((0) of FIG. 5).

Although it has been shown above that the 1-1 quantum key distributiondevice QKD1-1 111 transmits the quantum cryptographic key to the firstquantum node controller QNC1, the present disclosure is not limitedthereto. Instead, it is possible to transmit a quantum key stream otherthan the quantum cryptographic key.

The 1-1 quantum key distribution device QKD1-1 111 may calculate aquantum cryptographic key generation rate from the quantum cryptographickey generated in the first quantum channel CH1.

The quantum network management server 160 may monitor the quantumcryptographic key generation rate in the first quantum channel CH1calculated by the 1-1 quantum key distribution device QKD1-1 111 and maydetermine that a failure occurs in the first quantum channel CH1 due toa noise, hacking, or the like when the quantum cryptographic keygeneration rate in the first quantum channel CH1 is reduced to apredetermined threshold value or less.

Although it has been shown above that the quantum network managementserver 160 determines whether a failure occurs in the first quantumchannel CH1 on the basis of the generation rate of the quantumcryptographic key generated by the 1-1 quantum key distribution deviceQKD1-1 111, the present disclosure is not necessarily limited thereto.Instead, the 1-1 quantum key distribution device QKD1-1 111 may directlydetermine whether a failure occurs in the first quantum channel CH1.

Subsequently, when the occurrence of the failure in the first quantumchannel CH1 is detected, the quantum network management server 160calculates an alternative path bypassing the first quantum channel CH1.

A path search algorithm, such as Dijkstra's algorithm orconstraint-based shortest path search algorithm, may be used whencalculating the alternative path. Accordingly, an optimal alternativepath excluding the first quantum channel CH1 in which the failure hasoccurred may be calculated.

The quantum network management server 160 may transmit information aboutthe path replacing the first quantum channel CH1 to the quantum nodecontrollers QNC to share the quantum cryptographic key using thealternate path.

Subsequently, the first quantum node controller QNC1 115 receives, froman application A App A driven in a first service device 170corresponding to the 1-1 quantum key distribution device QKD1-1 111, aquantum cryptographic key request for performing communication with anapplication B App B driven in a second service device 180 correspondingto the 2-1 quantum key distribution device QKD2-1 121 connected throughthe first quantum channel CH1 ((1) of FIG. 5).

The first quantum node controller QNC1 115 prepares a first quantumcryptographic key (Key_AB in FIG. 5) to be used for quantum cryptographycommunication between the application A App A and the application B AppB.

The first quantum cryptographic key may be a randomly generatedcryptographic key or may be obtained by various methods, for example,selecting one of quantum cryptographic keys generated by the 1-1 quantumkey distribution device QKD1-1 111 or the 1-2 quantum key distributiondevice QKD1-2 112.

The first quantum node controller QNC1 115 transmits the first quantumcryptographic key to the third quantum node controller QNC3 135 throughthe first path P1, which is a first section of the alternative path.

Here, the first quantum node controller QNC1 115 encrypts the firstquantum cryptographic key with a third quantum cryptographic keygenerated between the 1-2 quantum key distribution device QKD1-2 112 andthe 3-1 quantum key distribution device QKD3-1 131 and transmits theencrypted first quantum cryptographic key. The third quantum nodecontroller QNC3 135 receives the encrypted first quantum cryptographickey and decrypts the encrypted first quantum cryptographic key with thethird quantum cryptographic key ((2-1) of FIG. 5).

The alternative path may include a large number of unit paths. In eachunit path, the first quantum cryptographic key may be encrypted with aquantum cryptographic key corresponding to each unit path, betransmitted, and then be decrypted. Therefore, the first quantumcryptographic key may be safely transmitted according to the embodimentof the present disclosure.

Accordingly, the first quantum cryptographic key is transmitted to thesecond quantum node controller QNC2 125 through a second path P2, whichis the last section of the alternative path. The second quantum nodecontroller QNC2 125 receives the first quantum cryptographic keyencrypted with a fourth quantum cryptographic key and decrypts theencrypted first quantum cryptographic key with the fourth quantumcryptographic key ((2-2) in FIG. 5).

Subsequently, the first quantum node controller QNC1 115 transmits thefirst quantum cryptographic key (Key_AB of FIG. 5) to the application AApp A of the first service device 170 and also transmits identificationinformation (Key ID=1 of FIG. 5) about the first quantum cryptographickey is also transmitted ((3) in FIG. 5).

The application A is provided with the first quantum cryptographic keyand transmits the identification information about the first quantumcryptographic key to the application B App B driven in the second userdevice 180 ((4) of FIG. 5).

The application B App B requests a quantum cryptographic keycorresponding to the identification information (Key ID=1) from thesecond quantum node controller QNC2 125 ((5) of FIG. 5). Accordingly,the second quantum node controller QNC2 125 provides the first quantumcryptographic key (Key_AB of FIG. 5) to the application B App B ((6) inFIG. 5).

As described above, even when generation of a quantum cryptographic keyis reduced due to the occurrence of a failure in the first quantumchannel CH1, the quantum key distribution system 100 and the quantum keydistribution method according to the embodiment of the presentdisclosure may properly provide the quantum cryptographic key requiredfor the quantum cryptography communication between the application A AppA driven in the first service device 170 and the application B App Bdriven in the second service device 180 without interruption bybypassing the first quantum channel CH1.

MODE FOR CARRYING OUT THE INVENTION

FIG. 6 is a flowchart illustrating operation of the quantum keydistribution system 100 according to an embodiment of the presentdisclosure.

As illustrated in FIG. 6, each quantum node controller QNC calculates aquantum cryptographic key generation rate from a generated quantumcryptographic key and transmits the quantum cryptographic key generationrate to the quantum network management server 160 ((a) of FIG. 6).

The quantum network management server 160 may identify a failure sectionin which quantum cryptographic key generation is reduced using thequantum cryptographic key generation rate ((b) of FIG. 6) andrecalculates an alternative path for quantum cryptographic keygeneration for the failure section (A-B of FIG. 6) in which quantumcryptographic key generation is reduced ((c) of FIG. 6).

The quantum network management server 160 transmits the calculatedalternative path for quantum cryptographic key generation to eachquantum node controller to configure the same ((d) of FIG. 6).

Subsequently, when the first quantum node controller QNC1 115 receives aquantum cryptographic key request from an application ((e) of FIG. 6),the first quantum node controller QNC1 115 randomly generates a firstquantum cryptographic key ((g) of FIG. 6) and transmits the firstquantum cryptographic key to the third quantum node controller QNC3 135through a first path QNC1-QNC3 of the alternative path, in which casethe first quantum cryptographic key is encrypted with a third quantumcryptographic key (Key_AC of FIG. 6) corresponding to the first path andis transmitted ((g) of FIG. 6).

The third quantum node controller QNC3 135 receives the encrypted firstquantum cryptographic key and decrypts the encrypted first quantumcryptographic key with the third quantum cryptographic key (Key_AC ofFIG. 6), thereby extracting the first quantum cryptographic key ((h) ofFIG. 6).

The third quantum node controller QNC3 135 encrypts the first quantumcryptographic key with a fourth quantum cryptographic key (Key_BD ofFIG. 6) corresponding to a second path QNC3-QNC2 and transmits theencrypted first quantum cryptographic key to the second quantum nodecontroller QNC2 125 ((i) of FIG. 6).

The second quantum node controller QNC2 125 receives the encrypted firstquantum cryptographic key and decrypts the encrypted first quantumcryptographic key with the fourth quantum cryptographic key (Key_BD ofFIG. 6), thereby extracting the first quantum cryptographic key ((j) ofFIG. 6).

Subsequently, the second quantum node controller QNC2 125 notifies thefirst quantum node controller QNC1 115 that the first quantumcryptographic key is shared ((k) of FIG. 6).

The first quantum node controller QNC1 115 and the second quantum nodecontroller QNC2 125 provide the first quantum cryptographic key to anapplication A App A and an application B App B, respectively ((1) ofFIG. 6), and the application A App A and the application B App B may beproperly provided with the quantum cryptographic key necessary forquantum cryptography communication without interruption despite theoccurrence of the failure in the first quantum channel CH1, therebyperforming the quantum cryptography communication.

A quantum key distribution system 100 according to another embodiment ofthe present disclosure may be configured to include i) a 1-1 quantum keydistribution device QKD1-1 111, ii) a 2-1 quantum key distributiondevice QKD2-1 121 connected with the 1-1 quantum key distribution deviceQKD1-1 111 via a first quantum channel CH1, iii) a first quantum nodecontroller QNC1 115 to receive a first quantum cryptographic keygenerated by the 1-1 quantum key distribution device QKD1-1 111, iv) asecond quantum node controller QNC2 125 to receive a second quantumcryptographic key generated by the 2-1 quantum key distribution deviceQKD2-1 121, and v) a quantum network management server QMS 160 to detectoccurrence of a failure in the first quantum channel CH1 and to controlthe first quantum node controller QNC1 115 and the second quantum nodecontroller QNC2 125 corresponding to the first quantum channel CH1 togenerate a reuse quantum cryptographic key using the first quantumcryptographic key and the second quantum cryptographic key according toa quantum cryptographic key reuse policy.

Here, the first quantum node controller QNC1 115 and the second quantumnode controller QNC2 125 may generate and share the reuse quantumcryptographic key by combining parts of the first quantum cryptographickey and the second quantum cryptographic key according to the quantumcryptographic key reuse policy.

Accordingly, even when quantum cryptographic key generation is reduceddue to the occurrence of a failure in the first quantum channel CH1, thequantum key distribution system 100 according to the other embodiment ofthe present disclosure may generate a reuse quantum cryptographic keyfrom an existing quantum cryptographic key by applying the quantumcryptographic key reused policy, thereby properly providing a quantumcryptographic key required for quantum cryptography communicationwithout interruption.

Hereinafter, the operation of the quantum key distribution system 100according to another embodiment of the present disclosure will bedescribed in detail with reference to FIG. 3 and FIG. 7.

As illustrated in FIG. 7, each quantum node controller QNC calculates aquantum cryptographic key generation rate from a generated quantumcryptographic key and transmits the quantum cryptographic key generationrate to the quantum network management server 160 ((a) of FIG. 7).

The quantum network management server 160 may identify a failure sectionin which quantum cryptographic key generation is reduced using thequantum cryptographic key generation rate ((b) of FIG. 7) and determineswhether to apply the quantum cryptographic key reuse policy to thefailure section in which quantum cryptographic key generation is reducedand the content of the quantum cryptographic key reuse policy ((c) ofFIG. 7). When there is an adequate path for relaying the quantumcryptographic key, a relay method and the reuse policy may beselectively used. However, when there is no adequate path for relayingthe quantum cryptographic key in a specific section, only a reuse methodmay be used, in which case the quantum network management server 160performs the reuse policy.

Subsequently, the quantum network management server 160 transmits thedetermined quantum cryptographic key reuse policy to the first quantumnode controller QNC1 115 and the second quantum node controller QNC2 125corresponding to the quantum channel in which the failure has occurred((d) of FIG. 7).

The first quantum node controller QNC1 115 and the second quantum nodecontroller QNC2 125 may generate a reuse quantum cryptographic key usingan existing quantum cryptographic key according to the quantumcryptographic key reuse policy received from the quantum networkmanagement server 160 ((e) of FIG. 7).

According to the quantum cryptographic key reuse policy, it is possibleto determine whether to use specific quantum cryptographic keyidentification information (Key ID) or which part of the quantumcryptographic key is used when generating the reuse quantumcryptographic key.

In an example, a new quantum cryptographic key may be generated byadopting one bit of each of Key IDs 1, 2, 3, and 4. Specifically, whenKey ID=1 is 1011, Key ID=2 is 0101, Key ID=3 is 1100, and Key ID=4 is1111, a reuse quantum cryptographic key of 1101 may be generated byadopting one bit of each of Key IDs 1, 2, 3, and 4, specifically bycombining a first bit (1) of Key ID 1, a second bit (1) of Key ID 2, athird bit (0) of Key ID 3, and a fourth bit (1) of Key ID 4.

FIG. 8 illustrates a quantum node controller QNC 200 according to anembodiment of the present disclosure.

As illustrated in FIG. 8, the quantum node controller QNC 200 accordingto the embodiment of the present disclosure may include a processor or aset of processors. Further, the quantum node controller QNC 200 mayinclude a plurality of circuitry units each performing a dedicatedfunction. Each circuitry unit may be referred to as a unit. For example,the quantum node controller QNC 200 may include at least one componentof a quantum cryptographic key reuse policy configuration unit 210, aquantum cryptographic key generation rate management/transmission unit220, a quantum cryptographic key relay processing unit 230, a quantumcryptographic key distribution unit 240, a random quantum cryptographickey generation/selection unit 250, and a quantum key distribution devicemanagement unit 260.

The quantum cryptographic key reuse policy configuration unit 210configures a quantum cryptographic key reuse policy transmitted from thequantum network management server 160 to generate a reuse quantumcryptographic key. Further, in an embodiment of the present disclosure,as described in detail in FIG. 9, the quantum cryptographic key reusepolicy configuration unit 210 may manage a used key pool and an unusedkey pool and may generate a reuse quantum cryptographic key using theused key pool and the unused key pool according to the reuse policy.

The quantum cryptographic key generation rate management/transmissionunit 220 receives a quantum cryptographic key generated by a quantum keydistribution device QKD, calculates and manages a quantum cryptographickey generation rate, and transmits the quantum cryptographic keygeneration rate to the quantum network management server 160.

The quantum cryptographic key relay processing unit 230 transmits afirst quantum cryptographic key transmitted from a neighboring quantumnode controller QNC 200 to another quantum node controller QNC 200.

The quantum cryptographic key distribution unit 240 performs a functionof distributing the quantum cryptographic key generated by the quantumkey distribution device QKD to a service device or the like.

The random quantum cryptographic key generation/selection unit 250generates a random quantum cryptographic key or selects one of thequantum cryptographic keys generated by the quantum key distributiondevice QKD, thereby selecting the first quantum cryptographic key.

Finally, the quantum key distribution device management unit 260functions to control and manage the quantum key distribution device QKD.

Accordingly, even when a failure occurs in a first quantum channel CH1connecting a first quantum key distribution device QKD1 and a secondquantum key distribution device QKD2, the quantum key distributionmethod, the quantum key distribution device, and the quantum keydistribution system according to the embodiment of the presentdisclosure may properly provide a quantum cryptographic key withoutinterruption by sharing the quantum cryptographic key via a plurality ofpaths bypassing the first quantum channel CH1 or generating a reusequantum cryptographic key from a previously generated quantumcryptographic key.

Furthermore, the quantum key distribution method, the quantum keydistribution device, and the quantum key distribution system accordingto the embodiment of the present disclosure relates to an end-to-end(E2E) quantum cryptographic key transmission technology and may extend aquantum key distribution (QKD) network for exchanging a quantumcryptographic key only within a short distance to be applied to exchangeof a quantum cryptographic key even in a long distance and may alsoapply the network when a plurality of nodes needs to share the samequantum cryptographic key as in multicasting. Here, when the shared keyis transmitted to the nodes to share the quantum cryptographic key, thequantum cryptographic key may be encrypted using a quantum key generatedfor each section and may then be transmitted, thereby being safelyshared.

FIG. 9 is a flowchart illustrating operation of a quantum nodecontroller QNC 200 according to a reuse policy in accordance with anembodiment of the present disclosure.

Hereinafter, the operation of the quantum node controller QNC 200according to the reuse policy in accordance with the embodiment of thepresent disclosure will be described in detail with reference to FIG. 9.

First, referring to (a) of FIG. 9, until receiving a reuse policy fromthe quantum network management server 160, when the quantum nodecontroller QNC 200 obtains a quantum cryptographic key from a quantumkey distribution device QKD (S210), the quantum node controller QNC 200stores the quantum cryptographic key in an unused key pool (S220), andwhen the quantum node controller QNC 200 uses the quantum cryptographickey upon receiving a quantum cryptographic key request (S230), thequantum node controller QNC 200 stores the quantum cryptographic key ina used key pool (S290).

Since it is impossible to store an unlimited number of quantumcryptographic keys in the used key pool, the quantum cryptographic keysare continuously stored until reaching the number of key bits, which ispreviously set to be used when quantum cryptographic keys become short.When the number of keys in the used key pool is greater than the setnumber of key bits, the used key pool is updated with the most recentlyobtained key stream by discarding the oldest quantum cryptographic keyand storing the recently used quantum cryptographic key.

When the quantum network management server 160 recognizes a lack ofquantum cryptographic keys and configures (e.g., defines) the reusepolicy to the quantum node controller QNC 200, the quantum nodecontroller QNC 200 may then be provided with keys to be used, half ofwhich are from the used key pool and the other half of which are fromthe unused key pool upon receiving a key request (S260). Even in thiscase, a used quantum cryptographic key is stored again in the used keypool (S290), and only when there is no key in the unused key pool, a keyto be provided to the client may be provided 100% from the used key pool(S270). Using this method makes it possible to prevent disconnection ofa service by reusing quantum cryptographic keys even in a section wherethere are insufficient quantum cryptographic keys and to provide aquantum cryptographic key that ensures security since a reuse quantumcryptographic key generates a new key by combining a used key and anunused key even in a situation where the reuse quantum cryptographic keyis used. The foregoing description is only an example, and the presentdisclosure is not necessarily limited thereto. Furthermore, the presentdisclosure may also provide a method in which the quantum networkmanagement server 160 processes the reuse policy by more variousmethods.

The foregoing description is provided merely to explain the technicalidea of the present disclosure, and it will be apparent to those havingordinary skill in the art to which this disclosure belongs that variousmodifications and variations can be made in the present disclosurewithout departing from the essential characteristics of the presentdisclosure. The embodiments disclosed herein are provided not to limitbut to describe the technical idea of the present disclosure and do notlimit the scope of the present disclosure. The scope of the presentdisclosure should be construed as being defined by the appended claims,and any technical ideas within the appended claims and their equivalentsshould be construed as being included in the scope of the presentdisclosure.

1. A quantum key distribution system comprising: a 1-1 quantum keydistribution device (QKD1-1); a 2-1 quantum key distribution device(QKD2-1) configured to be connected with the 1-1 quantum keydistribution device (QKD1-1) through a first quantum channel (CH1); a3-1 quantum key distribution device (QKD3-1) configured to be connectedwith a 1-2 quantum key distribution device (QKD1-2) through a secondquantum channel (CH2); a first quantum node controller (QNC1) configuredto control operation of the 1-1 quantum key distribution device (QKD1-1)and operation of the 1-2 quantum key distribution device (QKD1-2); asecond quantum node controller (QNC2) configured to control operation ofthe 2-1 quantum key distribution device (QKD2-1); and a third quantumnode controller (QNC3) configured to control operation of the 3-1quantum key distribution device (QKD3-1), wherein the first quantum nodecontroller (QNC1) transmits a first quantum cryptographic key to thesecond quantum node controller (QNC2) via a plurality of paths includinga first path (P1) connecting the first quantum node controller (QNC1)and the third quantum node controller (QNC3) by bypassing the firstquantum channel (CH1), and the first quantum cryptographic key isencrypted with a third quantum cryptographic key, which is sharedbetween the 1-2 quantum key distribution device (QKD1-2) and the 3-1quantum key distribution device (QKD3-1), and the first quantumcryptographic key is transmitted in the first path P1.
 2. The quantumkey distribution system of claim 1, wherein, when a failure occurs inthe first quantum channel (CH1), the quantum cryptographic key isdistributed via the plurality of paths comprising the first path (P1) bybypassing the first quantum channel (CH1).
 3. The quantum keydistribution system of claim 1, wherein the quantum cryptographic key isdistributed via the plurality of paths in a long-distance section whereit is impossible to distribute the quantum cryptographic key via asingle path.
 4. The quantum key distribution system of claim 1, whereinthe quantum cryptographic key is distributed to a plurality of nodes viathe plurality of paths.
 5. The quantum key distribution system of claim1, wherein the first quantum node controller (QNC1) receives a secondquantum cryptographic key generated by the 2-1 quantum key distributiondevice (QKD2-1) from the 1-1 quantum key distribution device (QKD1-1)and the third quantum cryptographic key generated by the 3-1 quantum keydistribution device (QKD3-1) from the 1-2 quantum key distributiondevice (QKD1-2).
 6. The quantum key distribution system of claim 5,wherein the first quantum node controller (QNC1) calculates a quantumcryptographic key generation rate using the quantum cryptographic keytransmitted from the 1-1 quantum key distribution device (QKD1-1). 7.The quantum key distribution system of claim 1, further comprising: a3-2 quantum key distribution device (QKD3-2) configured to be connectedwith a 2-2 quantum key distribution device (QKD2-2), an operation ofwhich is controlled by the second quantum node controller (QNC2), via athird quantum channel (CH3), wherein the third quantum node controller(QNC3) controls the 3-2 quantum key distribution device (QKD3-2), andthe second quantum node controller (QNC2) receives the first quantumcryptographic key, which is transmitted from the first quantum nodecontroller (QNC1), through a second path (P2) connecting the thirdquantum node controller (QNC3) and the second quantum node controller(QNC2) and then decodes the first quantum cryptographic key with afourth quantum cryptographic key shared between the 3-2 quantum keydistribution device (QKD3-2) and the 2-2 quantum key distribution device(QKD2-2).
 8. The quantum key distribution system of claim 1, furthercomprising: a quantum network management server (QMS) configured todetect a failure in the first quantum channel (CH1) and to performcontrol to configure the plurality of paths comprising the first path(P1) so that the first quantum node controller (QNC1) transmits thefirst quantum key to the second quantum node controller (QNC2) bybypassing the first quantum channel (CH1).
 9. The quantum keydistribution system of claim 8, wherein the quantum network managementserver (QMS) detects whether the failure occurs in the first quantumchannel (CH1) in view of a quantum cryptographic key generation rate ofa quantum cryptographic key received from the first quantum nodecontroller (QNC1).
 10. A quantum key distribution method comprising: aquantum cryptographic key bypassing distribution determination operationof, by a first quantum node controller (QNC1), determining to distributea quantum cryptographic key by bypassing a first quantum channel (CH1)connecting a 1-1 quantum key distribution device (QKD1-1) and a 2-1quantum key distribution device (QKD2-1); a quantum cryptographic keyencryption operation of encrypting a first quantum cryptographic keywith a third quantum cryptographic key shared between a 1-2 quantum keydistribution device (QKD1-2) and a 3-1 quantum key distribution device(QKD3-1); and a quantum cryptographic key bypassing transmissionoperation of transmitting the encrypted first quantum cryptographic keyto a second quantum node controller (QNC2) through the plurality ofpaths comprising a first path (P1) connecting the first quantum nodecontroller (QNC1) and a third quantum node controller (QNC3) bybypassing the first quantum channel (CH1).
 11. A quantum keydistribution system comprising: a 1-1 quantum key distribution device(QKD1-1); a 2-1 quantum key distribution device (QKD2-1) configured tobe connected with the 1-1 quantum key distribution device (QKD1-1) via afirst quantum channel (CH1); a first quantum node controller (QNC1)configured to receive a first quantum cryptographic key generated by the1-1 quantum key distribution device (QKD1-1); a second quantum nodecontroller (QNC2) to receive a second quantum cryptographic keygenerated by the 2-1 quantum key distribution device (QKD2-1); and aquantum network management server (QMS) configured to detect a failurein the first quantum channel (CH1) and to control the first quantum nodecontroller (QNC1) and the second quantum node controller (QNC2)corresponding to the first quantum channel (CH1) to generate a reusequantum cryptographic key using the first quantum cryptographic key andthe second quantum cryptographic key according to a quantumcryptographic key reuse policy.
 12. The quantum key distribution systemof claim 11, wherein the first quantum node controller (QNC1) and thesecond quantum node controller (QNC2) generate and share the reusequantum cryptographic key by combining parts of the first quantumcryptographic key and the second quantum cryptographic key according tothe quantum cryptographic key reuse policy.
 13. The quantum keydistribution system of claim 11, wherein the first quantum nodecontroller (QNC1) and the second quantum node controller (QNC2) generateand share the reuse quantum cryptographic key by combining a usedquantum cryptographic key and an unused quantum cryptographic key streamaccording to the quantum cryptographic key reuse policy.